bsm-rails-api 0.2.1

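--- a/checksums.yaml
+++ b/checksums.yaml
@@ -0,0 +1,7 @@
+ ---
+ SHA1:
+ metadata.gz: 8a942ceff62e17de023a3e4fd5ef334080410bdb
+ data.tar.gz: 79d9c3f85caa0102c788faad1f3ef13919b1f052
+ SHA512:
+ metadata.gz: 1559658a1ff562820e1d35137543bfaeb4ca9766c5a643300db783b426db50bb2c6eccca4b07eeffb5747e027076a7d6a1ccb88d902430a76f1bce4995c880bc
+ data.tar.gz: b4208dce344117e471e9717c849023804292891ca284597a006e71ab8b6b2af38607e695adb94944fedf6372ad85826faa53c028a5a0b5e8c4486cd7a3c13d38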
@@ -0,0 +1,67 @@
1
+ require 'active_support/concern'
2
+
3
+ module BSM::RailsAPI::Authorization
4
+ extend ActiveSupport::Concern
5
+
6
+ class NotSecure < StandardError
7
+ end
8
+
9
+ included do
10
+ after_filter :ensure_permit_access_authorized!
11
+ end
12
+
13
+ class_methods do
14
+
15
+ # Manage access permissions.
16
+ # Assumptions:
17
+ #
18
+ # * users are already authenticated
19
+ # * controller has a method called current_user which returns a user record
20
+ # * the user has a `#kind` method which returns a string, e.g. 'employee' or 'client'
21
+ # * the user has a `#roles` method which returns an array of strings, e.g. ['app:some:role', 'app:other:role']
22
+ #
23
+ # Example:
24
+ #
25
+ # permit_access :read, employee: :all, client: ["app:custom:role"]
26
+ # permit_access :manage, :destroy, employee: ["app:admin"]
27
+ #
28
+ def permit_access(*actions)
29
+ opts = actions.extract_options!
30
+ acts = actions.map do |name|
31
+ case name
32
+ when :read then [:index, :show]
33
+ when :manage then [:create, :update]
34
+ else name.to_sym
35
+ end
36
+ end.flatten.uniq
37
+
38
+ before_action only: acts do |ctrl|
39
+ user = ctrl.send(:current_user)
40
+ ctrl.send :unauthorized! unless user
41
+
42
+ reqs = opts[user.kind.to_sym]
43
+ ctrl.send :unauthorized! if reqs != :all && (Array.wrap(reqs) & user.roles).empty?
44
+ ctrl.send :instance_variable_set, :@_bsm_rails_api_authorized, true
45
+ end unless acts.empty?
46
+ end
47
+
48
+ end
49
+
50
+ protected
51
+
52
+ # Render a 403
53
+ def unauthorized!
54
+ render text: "Unauthorized", status: 403
55
+ end
56
+
57
+ private
58
+
59
+ # Callback to ensure we have actually granted the user permission
60
+ # to access a resource via permit_access
61
+ def ensure_permit_access_authorized!
62
+ unless @_bsm_rails_api_authorized
63
+ raise NotSecure, "This action failed because permit_access filters were not run. Add permit_access to secure this endpoint."
64
+ end
65
+ end
66
+
67
+ end
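Review bot: Neither `unauthorized!` call in the `before_action` block stops the block, so with no `current_user` execution continues to `user.kind` and raises NoMethodError (a 500 instead of the intended 403), and on a role mismatch the next line still sets `@_bsm_rails_api_authorized` to true after the 403 has been rendered. Exit the block on each denial, e.g. `next ctrl.send(:unauthorized!) unless user` and `next ctrl.send(:unauthorized!) if reqs != :all && (Array.wrap(reqs) & user.roles).empty?`, so the flag is only ever set on the grant path. Separately, `ensure_permit_access_authorized!` is registered with `after_filter`, so an action with no `permit_access` has already run, including any writes, by the time `NotSecure` is raised; a comment on the `included` block such as `# Safety net only: runs after the action, so it detects unprotected endpoints but does not prevent their side effects` would make that limit explicit.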
@@ -0,0 +1,10 @@
1
+ module BSM
2
+ module RailsAPI
3
+ end
4
+ end
5
+
6
+ %w|
7
+ authorization
8
+ |.each do |name|
9
+ require "bsm/rails_api/#{name}"
10
+ end
@@ -0,0 +1 @@
1
+ require 'bsm/rails_api'
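--- a/metadata
+++ b/metadata
@@ -0,0 +1,122 @@
+ --- !ruby/object:Gem::Specification
+ name: bsm-rails-api
+ version: !ruby/object:Gem::Version
+ version: 0.2.1
+ platform: ruby
+ authors:
+ - Dimitrij Denissenko
+ autorequire:
+ bindir: bin
+ cert_chain: []
+ date: 2015-04-27 00:00:00.000000000 Z
+ dependencies:
+ - !ruby/object:Gem::Dependency
+ name: railties
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: 4.2.0
+ - - "<"
+ - !ruby/object:Gem::Version
+ version: 5.0.0
+ type: :runtime
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: 4.2.0
+ - - "<"
+ - !ruby/object:Gem::Version
+ version: 5.0.0
+ - !ruby/object:Gem::Dependency
+ name: actionpack
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ type: :runtime
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ - !ruby/object:Gem::Dependency
+ name: activesupport
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ type: :runtime
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ - !ruby/object:Gem::Dependency
+ name: rake
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ type: :development
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ - !ruby/object:Gem::Dependency
+ name: rspec
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ type: :development
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ description: ''
+ email: dimitrij@blacksqaremedia.com
+ executables: []
+ extensions: []
+ extra_rdoc_files: []
+ files:
+ - lib/bsm-rails-api.rb
+ - lib/bsm/rails_api.rb
+ - lib/bsm/rails_api/authorization.rb
+ homepage: https://github.com/bsm/rails-api
+ licenses:
+ - MIT
+ metadata: {}
+ post_install_message:
+ rdoc_options: []
+ require_paths:
+ - lib
+ required_ruby_version: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: 2.0.0
+ required_rubygems_version: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: 1.8.0
+ requirements: []
+ rubyforge_project:
+ rubygems_version: 2.4.6
+ signing_key:
+ specification_version: 4
+ summary: BSM's Rails API helpers
+ test_files: []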